Tag: Server

I recently had to pay for incident support to get my BES 4.1.6 SP7 back up and running and talking to my company’s 8 or 9 blackberry handhelds. Here are the steps I took:
1. Determine service account error by checking BES Log file

• c:Program FilesResearch in MotionLogsSERVERNAME_MAGT_01_DATE_0001.txt
• Saw error 5302

2. Export RIM registry key

• regedit
• HKCUSoftwareResearch in Motion  Export key

3. Create new Blackberry Admin user account in AD “BESAdmin”
4. AD > DOMAIN.local properties > Security tab

• Add new user account “BESAdmin”
• set “Send As” permission
• verify inheritance to bbery user accounts
• force if neccessary (advanced security settings for individual user accounts > Allow inheritable permissions CHECKED)

5. Exchange System Manager set Delegate Control

• right click top level and Delegate Control
• Add new user account “BESAdmin” as “Exchange View Only Administrator”
• First Administrative Group > Right Click Properties > Security Tab > Change BESAdmin to add “Administer Information Store” , “Receive As” , & “Send As”

6. Local Security Settings (of blackberry server)

• Local Policies > User Rights Assignments
• add BESAdmin account to “Allow Log on Locally” and “Log on as a service”

7. Set new BESAdmin account as local administrator to BES server

• Computer Management > Users and Groups > Administrator Group
• Add domainBESAdmin

8. Log on as new account BESAdmin
9. Services.msc > Change “Log on As” to new BESAdmin for all Blackberry services (minus BB Attachment service – that stays as “Local System”)
10. Import HKCU RIM key exported in Step 2
11. Recreate MAPI profile (may need bbery services started to do this…)

• open “Blackberry Service Configuration”
• Server tab > Edit Mapi
• Enter information of Exchange Server, and new BESAdmin account
• Apply > OK > OK
• open “Blackberry Manager” and create MAPI profile again using same settings

12. Start BB services or restart server.  Verify handheld communication with server.